---
title: Tokens
---

Provide restricted Configs access to an application.

A Configu Token is useful for:

- Authenticating the Configu CLI from a non-interactive system (e.g., CI/CD, Docker)
- Authenticating in real-time using one of our SDKs

## Creating a Token

To generate a token, head over to the Token page in the Settings tab.
New tokens are assigned [the reader role](/platform/authorization#predefined-roles).

<Frame>![image](/images-old/tokens/tokens-new-token.png)</Frame>

<Info>
A token can optionally be given an expiration date.
</Info>

<Frame>![image](/images-old/tokens/tokens-pick-expiration.png)</Frame>

<Frame>![image](/images-old/tokens/tokens-token-created.png)</Frame>

<Warning>
Safely store the token value. You won't be able to see it again!

</Warning>

## Assign roles to a Token

Organization tokens can be given roles that define what resources they can access. Read more about [role assignment](../authorization#assign-roles) in the authorization page.
<Frame>![image](/images-old/tokens/tokens-edit-roles.png)</Frame>

<Frame>![image](/images-old/tokens/tokens-edit-roles-alert.png)</Frame>

<Info>
- Tokens cannot be assigned the viewer role.
</Info>

## Revoking a Token

In case a token is no longer necessary, you may prematurely revoke a token at any time.

<Frame>![image](/images-old/tokens/tokens-revoke-token.png)</Frame>
